A brand-new mass attack uses BlueKeep exploit to infect with Monero miners

It was just a matter of time: the first “mass exploitation” of the BlueKeep vulnerability has been spotted in the wild.
If you haven’t already patched your servers, do it ASAP!


Some thoughts about Windows 10 “Timeline” forensics artifacts

Today I’ll talk briefly about the Windows 10 “Timeline”: a feature that can come in handy during a forensic analysis.
How do you access it, and how do you analyze it?


Win32/StealthFalcon malware uses Windows Background Intelligent Transfer Service (BITS) to communicate with its C&C servers

Stealth Falcon is a state-sponsored cyber espionage group that has targeted political activists and journalists in the Middle East since 2012.
